<?php
require ("config.php");
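// Profile self-service endpoint: dispatches on the POSTed "action" field to
// either update the logged-in user's profile fields or change the password.
//
// NOTE(review): no anti-CSRF token is checked in this file. Both actions
// change account state, so confirm that config.php (or getValue) enforces one.

// Only an authenticated user may reach the handlers below. The explicit exit
// guarantees nothing further runs even if redirect() only sends a Location
// header without terminating the script (its definition is not visible here).
if(!$myuser->logged()) {
   redirect('/');
   exit;
}
$bg_errorMsg = '';
$action = getValue('action','str','POST','');
switch($action) {
   case 'changeInfo':
      // These globals keep their names: generate_form::add() is given the
      // variable name as a string ('firstname', 'lastname', ...).
      $firstname = getValue('firstname','str','POST','',2);
      $lastname = getValue('lastname','str','POST','',2);
      $phone = getValue('phone','str','POST','',2);
      $gender = getValue('gender','int','POST',0);
      $birthday = getValue('birthday','str','POST','',2);
      $birthday = strtotime($birthday);
      // strtotime() returns false for an unparsable date; store 0 (the same
      // default the form declares for this field) instead of a boolean.
      if($birthday === false) {
         $birthday = 0;
      }
      $contact = getValue('contact','str','POST','',2);
      $myform = new generate_form();
      $myform->add('use_firstname','firstname',0,1,'',0);
      $myform->add('use_lastname','lastname',0,1,'',0);
      $myform->add('use_phone','phone',0,1,'',0);
      $myform->add('use_gender','gender',1,1,0,0);
      $myform->add('use_birthday','birthday',1,1,0,0);
      $myform->add('use_contact','contact',0,1,'',0);
      $bg_errorMsg .= $myform->checkdata();
      $myform->addTable('users');
      // NOTE(review): removeHTML(0) looks like it turns HTML stripping off for
      // these fields - confirm, and make sure every page that prints them
      // escapes the values on output.
      $myform->removeHTML(0);
      if($bg_errorMsg != '') {
         // Validation failed: do not write anything (the password branch
         // below applies the same rule).
         redirect('/trang-ca-nhan/cap-nhat-thong-tin/?status=0');
      }else {
         $db_update = new db_execute($myform->generate_update_SQL('use_id',$myuser->u_id));
         if($db_update->total == 1) {
            redirect('/trang-ca-nhan/?status=1');
         }else {
            redirect('/trang-ca-nhan/cap-nhat-thong-tin/?status=0');
         }
      }
      break;
   case 'changePassword':
      $password_old =  getValue('password_old','str','POST','',3);
      // The id is cast to int before it is concatenated into the statement,
      // so the query stays well-formed whatever the user object holds.
      $db_user_up = new db_query('SELECT use_security,use_password FROM users WHERE use_id = '.(int)$myuser->u_id);
      $user_up = mysql_fetch_assoc($db_user_up->result);
      // Strict comparison: with == two digests that both look like numbers
      // (for example "0e" followed only by digits) compare equal, which would
      // accept a wrong password. A missing row is rejected as well.
      if(is_array($user_up) && md5($password_old.$user_up['use_security']) === $user_up['use_password']) {
         $pass		        =  getValue('password_new', 'str', 'POST', '',3);
         $config_password =  getValue('password_new_again','str','POST','',3);
         if($config_password != $pass || $pass == '') {
            // New password missing or not confirmed. Previously this path
            // still built an UPDATE with no columns and reported success
            // (status=2) although the password had not changed.
            redirect('/trang-ca-nhan/thay-doi-mat-khau/?status=0');
         }else {
            // NOTE(review): salted MD5 with a 6-digit rand() salt is a weak
            // password-storage scheme. It is left as is because the login code
            // that verifies use_password/use_security is outside this file;
            // migrate both together to password_hash()/password_verify().
            $use_security	  =  rand(111111,999999);
            $password        =  md5($pass . $use_security);
            $myform = new generate_form();
            $myform->add('use_password', 'password', 0, 1, '', 1, 'Bạn chưa nhập mật khẩu.', 0, '');
            $myform->add('use_security', 'use_security', 1, 1, '', 0, '', 0, '');
            $myform->addTable('users');
            $bg_errorMsg .= $myform->checkdata();
            if($bg_errorMsg == ''){
               $db_insert = new db_execute($myform->generate_update_SQL('use_id',$myuser->u_id));
               // Report success only when the row was really updated, using
               // the same ->total check as the changeInfo branch.
               if($db_insert->total == 1) {
                  redirect('/trang-ca-nhan/?status=2');
               }else {
                  redirect('/trang-ca-nhan/thay-doi-mat-khau/?status=0');
               }
            }else {
               redirect('/trang-ca-nhan/thay-doi-mat-khau/?status=0');
            }
         }
      }else {
         // Wrong current password (or no such user row).
         redirect('/trang-ca-nhan/thay-doi-mat-khau/?status=0');
      }
      break;
   default :
      redirect('/');
      break;
}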

?>